Information Security

Initiatives to Protect Personal Information

The Nisshinbo Group recognizes that one of our key corporate responsibilities is to ensure that all important information related to stakeholders is protected and managed appropriately. In order to fulfill this responsibility, we handle personal information in accordance with our Privacy Policy. In addition, internal audits are conducted to confirm that company regulations are functioning properly, and steps are taken to prevent information leaks and realize ongoing improvements.

To ensure every one of our employees maintains awareness of personal information protection, we conduct training when employees join the company and when they are promoted as well as training at each of our business sites based on its annual plan. Additionally, in January 2016 the Company formulated Provisions on the Handling of Specific Personal Information in response to Japan’s adoption of a national identification number system. Furthermore, we are proceeding with responses to the EU’s new General Data Protection Regulation, implemented in May 2018.

Initiatives to Ensure Information Security

The Nisshinbo Group is constantly reinforcing information security measures to prevent leaks of confidential information, including customers' personal information.

To prevent computer virus attacks, we monitor e-mails through a targeted e-mail attack prevention system and use anti-virus software and security patch programs widely on our IT equipment. We also employ information security management systems to monitor access to important data and limit access to information networks from unauthorized IT equipment. Through these measures, we work to prevent leaks of information from internal fraud and prevent external threats.

We have established Guidelines for Information Security as rules for Group companies to follow. To ensure compliance with these rules, we regularly conduct IT internal audits on our subsidiaries both in Japan and other countries, and work continuously to improve their status.

We have prepared training materials that include rules for information system users, and we periodically conduct group-wide training to raise awareness of our information security measures among all users in the Group.

From the standpoint of business continuity in the event of a large-scale disaster, we are in the process of migrating the business servers located in our in-house server room to external data centers.